#
#
#    SysmonForLinux
#
#    Copyright (c) Microsoft Corporation
#
#    All rights reserved.
#
#    MIT License
#
#    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the ""Software""), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
#
#    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
#
#    THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
#

#################################################################################
#
# CMakeLists.txt
#
# Build script
#
#################################################################################

#################################################################################
# NOTE:                                                                         #
# Please compile in a build directory rather than the source directory.         #
# From Sysmon/linux:                                                            #
#                                                                               #
#    $ mkdir build; cd build                                                    #
#    $ cmake ..                                                                 #
#    $ make                                                                     #
#                                                                               #
# If you later change this CMakeLists.txt file, remake the build directory.     #
#                                                                               #
#    $ cd ..                                                                    #
#    $ rm -rf build                                                             #
#    $ mkdir build; cd build                                                    #
#    $ cmake ..                                                                 #
#    $ make                                                                     #
#                                                                               #
#################################################################################

cmake_minimum_required(VERSION 3.10)
cmake_policy(SET CMP0048 NEW)

#
# set the project name - version is MAJOR.MINOR.PATCH.RELEASE - releases start at 1
#
if (DEFINED ENV{VERSION})
  project(SysmonForLinux VERSION $ENV{VERSION})
else()
  project(SysmonForLinux VERSION 0.0.0.0)
endif()

configure_file(linuxVersion.h.in linuxVersion.h)
configure_file(package/DEBIAN.in/control.in DEBIANcontrol)
configure_file(package/SPECS.in/spec.in SPECS.spec)

#
# enable Debug while pre-release; re-enable it post-release to add symbols to binary
#
#set(CMAKE_BUILD_TYPE Debug)
#option(DEBUG_K "Enter debug mode" On)

#
# external programs used by this build
#
set(TEXTTRANSFORM "$ENV{HOME}/.dotnet/tools/t4")
set(ICONV "/usr/bin/iconv")
set(LD "/usr/bin/ld")

#
# package name
#
set(PACKAGE_NAME "sysmonforlinux")

#
# report warnings as errors
# -g is required for BTF and CO:RE
#
add_compile_options(-Wall -Werror -g -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-all -O2)

#
# support for C++17
#
set(CMAKE_CXX_FLAGS "-std=gnu++17")

#
# rely on libxml2 having been installed, for XML configuration and output
#
find_package(LibXml2 2.0.0 REQUIRED)

#
# source directories
#
if(SYSMON_ADO)
set(SYSMON_COMMON_SOURCE_DIR "${CMAKE_SOURCE_DIR}/../sysmonCommon/")
set(SYSMON_TESTS_SOURCE_DIR "${CMAKE_SOURCE_DIR}/../test/UnitTests/")
else()
set(SYSMON_COMMON_SOURCE_DIR "${CMAKE_SOURCE_DIR}/sysmonCommon/")
set(SYSMON_TESTS_SOURCE_DIR "${CMAKE_SOURCE_DIR}/sysmonCommon/UnitTests/")
endif()

#
# Compress man page
#
set(SYSMON_COMPRESS_MAN "sysmon.8.gz")

execute_process(
    COMMAND date "+%d %b %Y"
    OUTPUT_VARIABLE BUILD_DATE
    OUTPUT_STRIP_TRAILING_WHITESPACE
)

configure_file(
    "${CMAKE_SOURCE_DIR}/package/usr/share/man/man8/sysmon_template.8"
    "${PROJECT_BINARY_DIR}/sysmon.8"
    @ONLY
)

add_custom_target(sysmonManPageCompress ALL
                  DEPENDS ${PROJECT_BINARY_DIR}/${SYSMON_COMPRESS_MAN}
                  )

add_custom_command(OUTPUT ${PROJECT_BINARY_DIR}/${SYSMON_COMPRESS_MAN}
                   COMMAND gzip -f -c "${PROJECT_BINARY_DIR}/sysmon.8" > ${PROJECT_BINARY_DIR}/${SYSMON_COMPRESS_MAN}
                   COMMENT "Compressing Sysmon man page"
                   DEPENDS "${PROJECT_BINARY_DIR}/sysmon.8"
                  )

include(ExternalProject)


# Get and build openSSL.
# When you update the GIT tag please make sure to delete the build
# directory before building again.
ExternalProject_Add(openssl
                    GIT_REPOSITORY https://github.com/openssl/openssl.git
                    GIT_TAG openssl-3.4.1
                    PREFIX ./openssl
                    CONFIGURE_COMMAND cd ../openssl && ./Configure
                    BUILD_COMMAND cd ../openssl && make && rm -rf ${PROJECT_BINARY_DIR}/openssl/src/openssl/cloudflare-quiche
                    INSTALL_COMMAND ""
                    UPDATE_COMMAND ""
                   )

set(openssl_SOURCE_DIR ${CMAKE_BINARY_DIR}/openssl/src/openssl)

#
# make sysmon
#
add_executable(sysmon
               sysmonforlinux.c
               linuxWideChar.c
               linuxHelpers.cpp
               networkTracker.cpp
               outputxml.c
               installer.c
               "${SYSMON_COMMON_SOURCE_DIR}/usage.c"
               "${SYSMON_COMMON_SOURCE_DIR}/parsecommandline.c"
               "${SYSMON_COMMON_SOURCE_DIR}/printSchema.c"
               "${SYSMON_COMMON_SOURCE_DIR}/xml.cpp"
               "${SYSMON_COMMON_SOURCE_DIR}/rules.c"
               "${SYSMON_COMMON_SOURCE_DIR}/eventsCommon.cpp"
               "${SYSMON_COMMON_SOURCE_DIR}/networkCommon.cpp"
               "${SYSMON_COMMON_SOURCE_DIR}/networkmiscCommon.cpp"
               "${SYSMON_COMMON_SOURCE_DIR}/dumpConfiguration.c"
               sysmonevents.h           # automatically generated during build
               sysmonmsg.h              # automatically generated during build
               sysmonmsgop.c            # automatically generated during build
               sysmonmsgop.h            # automatically generated during build
               # following are all embedded in sysmon as objects
               manifest.xml.o
               sysmonEBPFkern4.15.o.o
               sysmonEBPFkern4.16.o.o
               sysmonEBPFkern4.17-5.1.o.o
               sysmonEBPFkern5.2.o.o
               sysmonEBPFkern5.3-5.5.o.o
               sysmonEBPFkern5.6-.o.o
               sysmonEBPFkern4.15_core.o.o
               sysmonEBPFkern4.16_core.o.o
               sysmonEBPFkern4.17-5.1_core.o.o
               sysmonEBPFkern5.2_core.o.o
               sysmonEBPFkern5.3-5.5_core.o.o
               sysmonEBPFkern5.6-_core.o.o
               sysmonLogView.o
               sysmon.d.o
               sysmon.service.o
               sysmonEBPFkern4.15.rep
               sysmonEBPFkern4.16.rep
               sysmonEBPFkern4.17-5.1.rep
               sysmonEBPFkern5.2.rep
               sysmonEBPFkern5.3-5.5.rep
               sysmonEBPFkern5.6-.rep
               sysmonEBPFkern4.15_core.rep
               sysmonEBPFkern4.16_core.rep
               sysmonEBPFkern4.17-5.1_core.rep
               sysmonEBPFkern5.2_core.rep
               sysmonEBPFkern5.3-5.5_core.rep
               sysmonEBPFkern5.6-_core.rep
               )

target_include_directories(sysmon PUBLIC
                           "${CMAKE_SOURCE_DIR}"
                           "${SYSMON_COMMON_SOURCE_DIR}"
                           "${PROJECT_BINARY_DIR}"
                           "/usr/include"
                           "/usr/local/include"
                           "${LIBXML2_INCLUDE_DIR}"
                           "/opt/sysinternalsEBPF/ebpfKern"
                          )


add_custom_target(deb
    COMMAND "${CMAKE_SOURCE_DIR}/makePackages.sh" "${CMAKE_SOURCE_DIR}" "${PROJECT_BINARY_DIR}" "${PACKAGE_NAME}" "${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}" "${PROJECT_VERSION_TWEAK}" "deb"
    DEPENDS "${CMAKE_SOURCE_DIR}/package" "${PROJECT_BINARY_DIR}/sysmon"
)

add_custom_target(rpm
    COMMAND "${CMAKE_SOURCE_DIR}/makePackages.sh" "${CMAKE_SOURCE_DIR}" "${PROJECT_BINARY_DIR}" "${PACKAGE_NAME}" "${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}" "${PROJECT_VERSION_TWEAK}" "rpm"
    DEPENDS "${CMAKE_SOURCE_DIR}/package" "${PROJECT_BINARY_DIR}/sysmon"
)

add_dependencies(sysmon openssl)

# list of ebpf programs to make
set(EBPF_PROGS
               sysmonEBPFkern4.15
               sysmonEBPFkern4.16
               sysmonEBPFkern4.17-5.1
               sysmonEBPFkern5.2
               sysmonEBPFkern5.3-5.5
               sysmonEBPFkern5.6-
)

add_custom_command(OUTPUT sysmonEBPFkern4.15.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern4.15.o 4096 && touch sysmonEBPFkern4.15.rep
                   COMMENT "Checking sysmonEBPFkern4.15.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern4.15.o
                  )

add_custom_command(OUTPUT sysmonEBPFkern4.16.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern4.16.o 4096 && touch sysmonEBPFkern4.16.rep
                   COMMENT "Checking sysmonEBPFkern4.16.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern4.16.o
                 )

add_custom_command(OUTPUT sysmonEBPFkern4.17-5.1.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern4.17-5.1.o 4096 && touch sysmonEBPFkern4.17-5.1.rep
                   COMMENT "Checking sysmonEBPFkern4.17-5.1.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern4.17-5.1.o
                  )

add_custom_command(OUTPUT sysmonEBPFkern5.2.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern5.2.o 32768 && touch sysmonEBPFkern5.2.rep
                   COMMENT "Checking sysmonEBPFkern5.2.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern5.2.o
                  )

add_custom_command(OUTPUT sysmonEBPFkern5.3-5.5.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern5.3-5.5.o 32768 && touch sysmonEBPFkern5.3-5.5.rep
                   COMMENT "Checking sysmonEBPFkern5.3-5.5.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern5.3-5.5.o
                  )

add_custom_command(OUTPUT sysmonEBPFkern5.6-.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern5.6-.o 32768 && touch sysmonEBPFkern5.6-.rep
                   COMMENT "Checking sysmonEBPFkern5.6-.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern5.6-.o
                  )

add_custom_command(OUTPUT sysmonEBPFkern4.15_core.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern4.15_core.o 4096 touch sysmonEBPFkern4.15_core.rep
                   COMMENT "Checking sysmonEBPFkern4.15_core.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern4.15_core.o
                  )

add_custom_command(OUTPUT sysmonEBPFkern4.16_core.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern4.16_core.o 4096 && touch sysmonEBPFkern4.16_core.rep
                   COMMENT "Checking sysmonEBPFkern4.16_core.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern4.16_core.o
                  )

add_custom_command(OUTPUT sysmonEBPFkern4.17-5.1_core.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern4.17-5.1_core.o 4096 && touch sysmonEBPFkern4.17-5.1_core.rep
                   COMMENT "Checking sysmonEBPFkern4.17-5.1_core.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern4.17-5.1_core.o
                  )

add_custom_command(OUTPUT sysmonEBPFkern5.2_core.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern5.2_core.o 32768 && touch sysmonEBPFkern5.2_core.rep
                   COMMENT "Checking sysmonEBPFkern5.2_core.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern5.2_core.o
                  )

add_custom_command(OUTPUT sysmonEBPFkern5.3-5.5_core.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern5.3-5.5_core.o 32768 && touch sysmonEBPFkern5.3-5.5_core.rep
                   COMMENT "Checking sysmonEBPFkern5.3-5.5_core.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern5.3-5.5_core.o
                  )

add_custom_command(OUTPUT sysmonEBPFkern5.6-_core.rep
                   COMMAND "${CMAKE_BINARY_DIR}/checkEBPFsizes" sysmonEBPFkern5.6-_core.o 32768 && touch sysmonEBPFkern5.6-_core.rep
                   COMMENT "Checking sysmonEBPFkern5.6-_core.o"
                   DEPENDS checkEBPFsizes sysmonEBPFkern5.6-_core.o
                  )

# list of files the EBPF programs depend upon
set(EBPF_DEPENDS
               sysmon_defs.h
               linuxTypes.h
               "${SYSMON_COMMON_SOURCE_DIR}/ioctlcmd.h"
               /opt/sysinternalsEBPF/ebpfKern/sysinternalsEBPF_helpers.c
               /opt/sysinternalsEBPF/ebpfKern/sysinternalsEBPF_common.h
               /opt/sysinternalsEBPF/ebpfKern/sysinternalsEBPFoffsets.h
               /opt/sysinternalsEBPF/ebpfKern/sysinternalsEBPFshared.h
               ebpfKern/sysmonEBPF_common.h
               ebpfKern/sysmonGenericEntry_tp.c
               ebpfKern/sysmonGenericEntry_rawtp.c
               ebpfKern/sysmonHelpers.c
               ebpfKern/sysmonProcCreate.c
               ebpfKern/sysmonProcCreate_tp.c
               ebpfKern/sysmonProcCreate_rawtp.c
               ebpfKern/sysmonFileCreate.c
               ebpfKern/sysmonFileCreate_tp.c
               ebpfKern/sysmonFileCreate_rawtp.c
               ebpfKern/sysmonFileOpen.c
               ebpfKern/sysmonFileOpen_tp.c
               ebpfKern/sysmonFileOpen_rawtp.c
               ebpfKern/sysmonFileDelete.c
               ebpfKern/sysmonFileDelete_tp.c
               ebpfKern/sysmonFileDelete_rawtp.c
               ebpfKern/sysmonFileDeleteAt.c
               ebpfKern/sysmonFileDeleteAt_tp.c
               ebpfKern/sysmonFileDeleteAt_rawtp.c
               ebpfKern/sysmonFileDeleteAtCwd.c
               ebpfKern/sysmonFileDeleteAtCwd_tp.c
               ebpfKern/sysmonFileDeleteAtCwd_rawtp.c
               ebpfKern/sysmonProcTerminated.c
               ebpfKern/sysmonTCPconnection_4_15.c
               ebpfKern/sysmonTCPconnection_4_16_5_5.c
               ebpfKern/sysmonTCPconnection_5_6_.c
               ebpfKern/sysmonTCPaccept.c
               ebpfKern/sysmonTCPaccept_tp.c
               ebpfKern/sysmonTCPaccept_rawtp.c
               ebpfKern/sysmonProcAccessed.c
               ebpfKern/sysmonProcAccessed_tp.c
               ebpfKern/sysmonProcAccessed_rawtp.c
               ebpfKern/sysmonUDPsend.c
               ebpfKern/sysmonUDPrecv.c
               ebpfKern/sysmonUDPrecv_tp.c
               ebpfKern/sysmonUDPrecv_rawtp.c
               ebpfKern/sysmonCloseFD.c
               ebpfKern/sysmonCloseFD_tp.c
               ebpfKern/sysmonCloseFD_rawtp.c
               sysmonevents.h   # automatically generated during build
               sysmonmsg.h      # automatically generated during build
               sysmonmsgop.c    # automatically generated during build
               sysmonmsgop.h    # automatically generated during build
)


#
# link sysmon
#
target_link_libraries(sysmon sysinternalsEBPF "${LIBXML2_LIBRARIES}" pthread ${openssl_SOURCE_DIR}/libcrypto.a ${CMAKE_DL_LIBS} )


#
# make sysmonLogView
#
add_executable(sysmonLogView
               sysmonLogView/sysmonLogView.cpp
               sysmonLogView/sysmonGetEventName.c
               sysmonmsgop.c
               sysmonevents.h
               sysmonmsg.h
               sysmonmsgop.h
)

target_include_directories(sysmonLogView PUBLIC
                           "${CMAKE_SOURCE_DIR}"
                           "${SYSMON_COMMON_SOURCE_DIR}"
                           "${PROJECT_BINARY_DIR}"
                           "/usr/include"
                           "${LIBXML2_INCLUDE_DIR}"
                           )

target_link_libraries(sysmonLogView "${LIBXML2_LIBRARIES}")


#
# make checkEBPFsizes
#
add_executable(checkEBPFsizes
               checkEBPFsizes/checkEBPFsizes.c
)

target_include_directories(checkEBPFsizes PUBLIC
                           "/usr/include"
                           )

target_link_libraries(checkEBPFsizes sysinternalsEBPF)

#
# GTest required for unit tests
#
find_package(GTest REQUIRED)

#
# make sysmon unit tests
#
add_executable(sysmonUnitTests
               "${SYSMON_TESTS_SOURCE_DIR}/main.cpp"
               "${SYSMON_TESTS_SOURCE_DIR}/rules.cpp"
               "${SYSMON_TESTS_SOURCE_DIR}/utils.cpp"
               "${SYSMON_TESTS_SOURCE_DIR}/RuleEntry.cpp"
               test/linuxRules.cpp
               linuxWideChar.c
               linuxHelpers.cpp
               outputxml.c
               hexdump.c
               "${SYSMON_COMMON_SOURCE_DIR}/parsecommandline.c"
               "${SYSMON_COMMON_SOURCE_DIR}/xml.cpp"
               "${SYSMON_COMMON_SOURCE_DIR}/rules.c"
               "${SYSMON_COMMON_SOURCE_DIR}/eventsCommon.cpp"
               sysmonevents.h
               sysmonmsg.h
               sysmonmsgop.h
               sysmonmsgop.c
               "${PROJECT_BINARY_DIR}/testdata"
               "${PROJECT_BINARY_DIR}/yoursleep"
               )

target_link_libraries(sysmonUnitTests "${LIBXML2_LIBRARIES}" ${GTEST_LIBRARIES} pthread ${openssl_SOURCE_DIR}/libcrypto.a ${CMAKE_DL_LIBS})
target_include_directories(sysmonUnitTests PUBLIC
                           "${CMAKE_SOURCE_DIR}"
                           "${SYSMON_COMMON_SOURCE_DIR}"
                           "${SYSMON_TESTS_SOURCE_DIR}"
                           "${PROJECT_BINARY_DIR}"
                           "/usr/include"
                           "${LIBXML2_INCLUDE_DIR}"
                           "${GTEST_INCLUDE_DIRS}"
                           )

#
# copy test data
#
add_custom_command(OUTPUT "${PROJECT_BINARY_DIR}/testdata"
                   COMMAND cp -a "${SYSMON_TESTS_SOURCE_DIR}/data" "${PROJECT_BINARY_DIR}/testdata"
                   COMMENT "Copying data to testdata"
                   DEPENDS "${SYSMON_TESTS_SOURCE_DIR}/data"
                   )

#
# make mysleep test binary
#
add_executable(mysleep test/mysleep.c)
add_custom_command(OUTPUT yoursleep
                   COMMAND ln -s mysleep yoursleep
                   DEPENDS mysleep
                  )


#
# automatically generate sources from manifest.xml and manifest.tt
#
add_custom_command(OUTPUT sysmonevents.h.utf16
                   COMMAND "${TEXTTRANSFORM}" "${SYSMON_COMMON_SOURCE_DIR}/manifest.tt" -out sysmonevents.h.utf16 -a '!!type!header'
                   COMMENT "Extracting sysmonevents.h.utf16"
                   DEPENDS "${SYSMON_COMMON_SOURCE_DIR}/manifest.tt"
                   )

add_custom_command(OUTPUT sysmonevents.h
                   COMMAND "${ICONV}" -f ASCII -t UTF-8 sysmonevents.h.utf16 -o sysmonevents.h
                   COMMENT "Converting sysmonevents.h.utf16 to UTF8"
                   DEPENDS sysmonevents.h.utf16
                   )

add_custom_command(OUTPUT sysmonmsg.mc.utf16
                   COMMAND "${TEXTTRANSFORM}" "${SYSMON_COMMON_SOURCE_DIR}/manifest.tt" -out sysmonmsg.mc.utf16 -a '!!version!internal' -a '!!type!mc'
                   COMMENT "Extracting sysmonmsg.mc.utf16"
                   DEPENDS "${SYSMON_COMMON_SOURCE_DIR}/manifest.tt"
                   )

add_custom_command(OUTPUT sysmonmsg.mc
                   COMMAND "${ICONV}" -f ASCII -t UTF-8 sysmonmsg.mc.utf16 -o sysmonmsg.mc
                   COMMENT "Converting sysmonmsg.mc.utf16 to UTF8"
                   DEPENDS sysmonmsg.mc.utf16
                   )

add_custom_command(OUTPUT sysmonmsg.h
                   COMMAND "${CMAKE_SOURCE_DIR}/extractMsgMc.sh" > sysmonmsg.h
                   COMMENT "Extracting sysmonmsg.h from sysmonmsg.mc"
                   DEPENDS sysmonmsg.mc
                   )

add_custom_command(OUTPUT sysmonmsgop.man.utf16
                   COMMAND "${TEXTTRANSFORM}" "${SYSMON_COMMON_SOURCE_DIR}/manifest.tt" -out sysmonmsgop.man.utf16 -a '!!version!internal' -a '!!type!man'
                   COMMENT "Extracting sysmonmsgop.man.utf16"
                   DEPENDS "${SYSMON_COMMON_SOURCE_DIR}/manifest.tt"
                   )

add_custom_command(OUTPUT sysmonmsgop.man
                   COMMAND "${ICONV}" -f ASCII -t UTF-8 sysmonmsgop.man.utf16 -o sysmonmsgop.man
                   COMMENT "Converting sysmonmsgop.man.utf16 to UTF8"
                   DEPENDS sysmonmsgop.man.utf16
                   )

add_custom_command(OUTPUT sysmonmsgop.h
                   COMMAND "${CMAKE_SOURCE_DIR}/extractMsgOp.sh" HEADER > sysmonmsgop.h
                   COMMENT "Extracting sysmonmsgop.h from sysmonmsgop.man"
                   DEPENDS sysmonmsgop.man
                   )

add_custom_command(OUTPUT sysmonmsgop.c
                   COMMAND "${CMAKE_SOURCE_DIR}/extractMsgOp.sh" > sysmonmsgop.c
                   COMMENT "Extracting sysmonmsgop.c from sysmonmsgop.man"
                   DEPENDS sysmonmsgop.man
                   )

#
# convert embedded files to objects for linking with the sysmon binary
#
add_custom_command(OUTPUT manifest.xml.o
                   COMMAND cd "${SYSMON_COMMON_SOURCE_DIR}" && "${LD}" -r -b binary -o "${PROJECT_BINARY_DIR}/manifest.xml.o" manifest.xml
                   COMMENT "Packing manifest.xml into manifest.xml.o"
                   DEPENDS "${SYSMON_COMMON_SOURCE_DIR}/manifest.xml"
                   )

set(PACKED_BINARY_FILES
    sysmonEBPFkern4.15.o
    sysmonEBPFkern4.16.o
    sysmonEBPFkern4.17-5.1.o
    sysmonEBPFkern5.2.o
    sysmonEBPFkern5.3-5.5.o
    sysmonEBPFkern5.6-.o
    sysmonEBPFkern4.15_core.o
    sysmonEBPFkern4.16_core.o
    sysmonEBPFkern4.17-5.1_core.o
    sysmonEBPFkern5.2_core.o
    sysmonEBPFkern5.3-5.5_core.o
    sysmonEBPFkern5.6-_core.o
    sysmonLogView
    sysmon.service
    sysmon.d
)

foreach(BIN_FILE IN LISTS PACKED_BINARY_FILES)
add_custom_command(OUTPUT "${BIN_FILE}.o"
                   COMMAND "${LD}" -r -b binary -o "${BIN_FILE}.o" "${BIN_FILE}"
                   COMMENT "Packing ${BIN_FILE} into ${BIN_FILE}.o"
                   DEPENDS "${PROJECT_BINARY_DIR}/${BIN_FILE}"
                   )
endforeach(BIN_FILE)


#
# copy the service files and installer to the build directory
#
add_custom_command(OUTPUT "${PROJECT_BINARY_DIR}/sysmon.d"
                   COMMAND cp "${CMAKE_SOURCE_DIR}/sysmon.d" "${PROJECT_BINARY_DIR}/sysmon.d"
                   COMMENT "Copying sysmon.d"
                   DEPENDS "${CMAKE_SOURCE_DIR}/sysmon.d"
                   )

add_custom_command(OUTPUT "${PROJECT_BINARY_DIR}/sysmon.service"
                   COMMAND cp "${CMAKE_SOURCE_DIR}/sysmon.service" "${PROJECT_BINARY_DIR}/sysmon.service"
                   COMMENT "Copying sysmon.service"
                   DEPENDS "${CMAKE_SOURCE_DIR}/sysmon.service"
                   )


#
# EBPF COMPILE OPTIONS
#
# This section specifies the options for building ebpf programs
#

# There are parts of the build process that needs to run when the CMake file changes.
# Specifically, the eBPF program compilation. This is done by comparing the hash of
# the CMake file to the previous hash. If they are different, then the eBPF programs
# are rebuilt.
file(MD5 "${CMAKE_CURRENT_LIST_FILE}" CMAKE_FILE_HASH)

set(PREVIOUS_CMAKE_FILE_HASH "")
if(EXISTS "${PROJECT_BINARY_DIR}/previous_cmake_file_hash.txt")
    file(READ "${PROJECT_BINARY_DIR}/previous_cmake_file_hash.txt" PREVIOUS_CMAKE_FILE_HASH)
endif()

file(WRITE "${PROJECT_BINARY_DIR}/previous_cmake_file_hash.txt" "${CMAKE_FILE_HASH}")

# set binaries and options for clang and llc
set(CLANG "clang")
set(LLC "llc")
set(CLANG_OPTIONS -Wno-unused-value
                  -Wno-pointer-sign
                  -Wno-compare-distinct-pointer-types
                  -Wno-gnu-variable-sized-type-not-at-end
                  -Wno-address-of-packed-member
                  -Wno-tautological-compare
                  -Wno-unknown-warning-option
                  -g
                  )
set(CLANG_DEFINES -D __KERNEL__
                  -D __BPF_TRACING__
                  -D __TARGET_ARCH_x86
                  -D __linux__
                  )
if (DEBUG_K)
    message("Using DEBUG_K Option...")
    list(APPEND CLANG_DEFINES -DDEBUG_K)
endif()

set(CLANG_INCLUDES
                   -I "${CMAKE_SOURCE_DIR}/gnu"
                   -I "${CMAKE_SOURCE_DIR}"
                   -I "${SYSMON_COMMON_SOURCE_DIR}"
                   -I "/opt/sysinternalsEBPF/ebpfKern"
                   -I "/opt/sysinternalsEBPF/libbpf"
                   -I "${CMAKE_BINARY_DIR}"
                   -I "${libbpf_SOURCE_DIR}/src"
                   )

set(EBPF_CORE_PROG_SUFFIX "_core")

#
# EBPF
#
# This section makes the EBPF programs
#

# function to make ebpf programs
function(build_ebpf ebpfsrc suffix)
    add_custom_command(OUTPUT ${ebpfsrc}${suffix}.o
                       COMMAND "${CLANG}" -nostdinc ${CLANG_INCLUDES} -isystem "/usr/include" -isystem "/usr/include/x86_64-linux-gnu" -isystem `gcc -print-file-name=include` ${CLANG_DEFINES} -O2 ${CLANG_OPTIONS} -target bpf -fno-stack-protector -c "${CMAKE_SOURCE_DIR}/ebpfKern/${ebpfsrc}.c" -o "${ebpfsrc}${suffix}.o"
                       COMMENT "Building EBPF object ${ebpfsrc}${suffix}.o"
                       DEPENDS ebpfKern/${ebpfsrc}.c ${EBPF_DEPENDS}
                       )
endfunction()

# Loop for all ebpf programs
foreach(EBPF_PROG IN LISTS EBPF_PROGS)

    # add custom target to build all ebpf programs with 'all'
    add_custom_target(${EBPF_PROG} ALL
                      DEPENDS "${CMAKE_SOURCE_DIR}/ebpfKern/${EBPF_PROG}.c"
                     )

    # test to only build ebpf programs when they have changed or if CMake file has changed.
    if(${CMAKE_SOURCE_DIR}/ebpfKern/${EBPF_PROG}.c IS_NEWER_THAN ${CMAKE_BINARY_DIR}/${EBPF_PROG}.o OR NOT "${CMAKE_FILE_HASH}" STREQUAL "${PREVIOUS_CMAKE_FILE_HASH}")
        # first build NON CORE program
        list(REMOVE_ITEM CLANG_DEFINES -DEBPF_CO_RE)
        build_ebpf(${EBPF_PROG} "")
        set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ${EBPF_PROG}.o)
    endif()

    if(${CMAKE_SOURCE_DIR}/ebpfKern/${EBPF_PROG}.c IS_NEWER_THAN ${CMAKE_BINARY_DIR}/${EBPF_PROG}${EBPF_CORE_PROG_SUFFIX}.o OR NOT "${CMAKE_FILE_HASH}" STREQUAL "${PREVIOUS_CMAKE_FILE_HASH}")
        # next build CORE program
        list(APPEND CLANG_DEFINES -DEBPF_CO_RE)
        build_ebpf(${EBPF_PROG} ${EBPF_CORE_PROG_SUFFIX})
        set_directory_properties(PROPERTIES ADDITIONAL_MAKE_CLEAN_FILES ${EBPF_PROG}${EBPF_CORE_PROG_SUFFIX}.o)
    endif()

endforeach(EBPF_PROG)
